[Aditya and Ayush are students at National Law University Odisha and National Law University Jodhpur, respectively.]
In a step towards overhauling the regulatory and licensing framework for telecommunications (telecom), the Telecommunication Bill 2023 (Bill), received the assent of the president, making it into a law. The Telecommunication Act 2023 (Act) aims to consolidate the law for wireless network and internet service providers, as well as simplify the process of applying for licenses and permits for telecom operators. While the Act aims to streamline licensing and promote technological progress, the question remains as to how far the Act balances the needs of the telecom industry, or if it is merely a repackaged version with the replicated language of the archaic colonial law, the Telegraph Act 1885.
In this paper, the authors, first, provide an introduction of the Act. Later, the authors delve specifically into the interception powers under the Act and their implications on fundamental rights. Lastly, the authors conclude the article with additional concerns and oversight issues with the Act.
Telecom Totalitarianism: Navigating Shutdowns, Surveillance, and the Biometric Challenge under the Act
The implementation of the Act has ignited a heated discussion, mainly due to its provisions granting the Indian government extensive surveillance and interception powers. Section 20(2)(a) of the legislation allows for interception or obstruction of messages or class of messages based on reasons such as safeguarding national security, maintaining public order, etc. mandating decryption of encrypted personal messages of individuals.
This provision has prompted valid concerns about the potential for breaching individual privacy and disregarding the fundamental principles of necessity and proportionality, as established by the 2017 ruling of the Supreme Court of India in the case of Justice KS Puttaswamy (Retired) v. Union of India (Puttaswamy). In this landmark judgment, it was firmly asserted that the right to privacy is safeguarded as an inherent aspect of the right to life and personal liberty under Article 21, and as a fundamental right guaranteed by Part III of the Constitution of India.
The Act’s approach to surveillance is also unfavorable as compared to international standards. For instance, the United Kingdom and Australia require judicial authorization for interception of any encrypted message or class of messages which ensures a check on the governmental powers. The authors propose that certain measures such as incorporating judicial oversight into the framework would have kept a check on the unbridled powers of the government.
Further, the authorized power of interception without exemptions, for encrypted platforms, also threatens the very foundation of end-to-end encryption, potentially forcing secure services such as WhatsApp, Signal, and others to cease operations in India. This unruly power of the government could affect both human rights in the digital age and trust in digital services in the Indian market if permitted.
The Act, additionally, confers express authority on the government to suspend telecom services and internet under circumstances similar to those warranting the interception of messages, subject to the protocols and precautions mandated by the government. However, the exercise of such power should be approached with extreme caution due to the far-reaching negative impacts of internet shutdowns.
It is commonly observed that internet shutdowns not only disrupt economic activity, infringe upon human rights, and suppress freedom of speech but also undermine public trust in the government and inadvertently harm international relations. The UN Human Rights Council has unequivocally criticized internet shutdowns. Disruptions caused by the internet intensify - conflict, anxiety, and uncertainty. The authors acknowledge that India, which has had the greatest number of internet outages in recent years, should include measures in the Act to lessen outages, rather than disregarding the situation.
Section 3(7) of the Act compels telecom service providers to use biometric authentication to verify users' identities. This provision raises concerns regarding principles of proportionality and privacy. Biometric data, such as fingerprints or facial characteristics, are unique to each person and, if hacked, might be used for identity theft, fraud, or other harmful purposes.
In the context of telecom services, biometric data might be used to verify identification while providing SIM cards. However, questions can be raised over the necessity of such a requirement. The Supreme Court of India, in its 2017 Puttaswamy judgment, held that any action that violates the right to privacy must serve a valid purpose and the action itself must be proportional to that purpose. The court also ruled that linking Aadhaar with mobile numbers is disproportionate and an unreasonable state compulsion. There are less intrusive means available to establish identity such as utilising government-issued identification documents like a PAN card or voter ID card. Therefore, the authors failed to understand the need of biometrics for subscribing to telecom services when there are other means available.
Moreover, consumers may express apprehension regarding the potential misuse of biometric data, particularly in the absence of comprehensive legislation aimed at safeguarding against such occurrences as there are currently no clear rules and regulations in place protecting consumers in case their biometric data is leaked or shared.
Nevertheless, large databases of biometric information could also become attractive targets for malicious actors. There have been instances where hackers have bypassed biometric security systems and accessed sensitive information. Unlike passwords, biometric data cannot be changed once compromised, making the potential damage long-lasting and severe.
The Act, therefore, lays the ground for a larger totalitarian control wherein the government intends to assert its control over telecom services, marking India’s transformation towards a digital authoritarian state. The government's powers under the Act are not merely restricted to surveillance and interception; therefore, in the next part, the authors delineated the major concerns of the Act that need to be addressed.
Major Lacunae: Brand New Act, Same Old Concerns
Although the Act pledged a significant change in the legal structure concerning telecommunications in India by repealing the Indian Telegraph Act 1885, it still retains elements of colonial influence, thereby failing to capitalize on a key opportunity for comprehensive reform.
First, the Act grants sweeping powers to officers authorized by the government and allows them to search premises or vehicles if they possess reasonable grounds to suspect the presence of unauthorized telecommunications equipment or networks that might potentially be used for illicit activities. Further, the officers are also empowered to take possession of such equipment or networks. The Act has been particularly criticized for lacking procedural safeguards against search power abuse. This absence contrasts with present search constraints to avoid arbitrariness. The authors believe that the absence of such requirements in the new Act is cause for worry, as it allows police to take arbitrary and potentially unjustifiable acts that may violate individuals’ rights and freedom.
Second, the simultaneous auction and allocation of spectrum, a vital telecoms resource, is under discussion. Governments have only auctioned spectrum licenses for years. This technique improves justice, openness, and efficiency and is duplicated worldwide. A well-designed auction may distribute resources to the ones who value them the most while raising government revenue. However, this method has prompted issues about its fairness, especially when comparing Telecoms and satellite providers. When one party gets a license through an auction and the other through allocation, the playing field becomes uneven.
Third, there are two main issues with the Act's ability for the government to control networks and establish equipment standards. First, operators may incur additional costs in developing equipment as per standards, particularly if items need to be modified for countries such as India. Second, network takeovers are complex and need a thorough understanding of all the modalities, actions, steps, and parties involved; any error can lead to significant losses.
Finally, the Act seeks to give the central government significant regulatory power, unlike in power and finance, where regulators like the Central Electricity Regulatory Commission and the Securities and Exchange Board of India perform similar functions. The Act also authorizes the central government to allocate spectrum, authorize telecom operations, and investigate violations. Instead of the Telecom Regulatory Authority of India, the government would now also set standards and evaluate telecom equipment, networks, and services. All these moves raise questions about the future of the Indian telecom sector, since government engagement can improve fair competition, consumer protection, and national security but also hinder innovation and competition.
Conclusion
The recent enactment of the Act represents a significant effort of the government towards simplifying regulations, for wireless networks and internet service providers. The legislation aims to preserve current regulatory systems, while simultaneously simplifying bureaucratic processes, digitalizing licensing procedures, and implementing new measures to address non-compliance.
While the Act can be applauded for promoting regulatory effectiveness, it has raised concerns over the extensive surveillance power of government and the mandatory requirement for biometrics among others. Urgent attention is required to rectify these concerns since the legislation has the potential to aid the next phase of telecom expansion in India, considering that more than half of the population still lacks access. Careful consideration and active public engagement might be necessary to strike a balance in such regulatory matters.
Comments